LEADER 05339nam  22005535  450 
001 9910805573403321
005 20250807124740.0
010   $a9798868800948
024 7 $a10.1007/979-8-8688-0094-8
035   $a(CKB)30098042000041
035   $a(MiAaPQ)EBC31084686
035   $a(Au-PeEL)EBL31084686
035   $a(DE-He213)979-8-8688-0094-8
035   $a(OCoLC)1419121319
035   $a(OCoLC-P)1419121319
035   $a(CaSebORM)9798868800948
035   $a(EXLCZ)9930098042000041
100   $a20240123d2024      u|         0
101 0 $aeng
135   $aur|||||||||||
181   $ctxt$2rdacontent
182   $cc$2rdamedia
183   $acr$2rdacarrier
200 10$aEnterprise Cyber Risk Management as a Value Creator $eLeverage Cybersecurity for Competitive Advantage /$fby Bob Chaput
205   $a1st ed. 2024.
210  1$aBerkeley, CA :$cApress :$cImprint: Apress,$d2024.
215   $a1 online resource (414 pages)
300   $aIncludes index.
311 08$a9798868800931 
327   $aPart I: A Case for Action -- Chapter 1: Enterprise Cyber Risk Management as a Value Creator -- Chapter 2: SEC and Other Important Cyber Regulations -- Chapter 3: The Courts Are Picking Up the Cyber Pace -- Chapter 4: The Most Critical Cybersecurity Decision -- Chapter 5: Justifying ECRM Funding -- Chapter 6: The C-Suite and Board Role -- Part II: Building and Implementing Your ECRM Program -- Chapter 7: Integrating ECRM into Business Strategy -- Chapter 8: Getting Started -- Chapter 9: ECRM Guiding Principles and Business Alignment -- Chapter 10: Three Vital ECRM Building Blocks -- Chapter 11: Adapting Your ECRM Process to Include Cyber Opportunities -- Chapter 12: Additional Essential ECRM Program Events -- Appendix A: What to Look for in an ECRM Company and Solution -- Appendix B: Enterprise Cyber Risk Management Software (ECRMS) -- Appendix C: The Benefits of a NIST-Based ECRM Approach -- Appendix D: Twenty-Five Essential Terms for Your ECRM Glossary -- AppendixE: Sample ECRM Program and Cybersecurity Strategy Table of Contents.
330   $a?This book should be mandatory reading for C-suite executives and board members. It shows you how to move from viewing cybersecurity as a risk to avoid, and a cost center that does not add value and is overhead, to seeing cybersecurity as an enabler and part of your core strategy to transform your business and earn customer and stakeholder trust.? ?Paul Connelly, First CISO at the White House and HCA Healthcare This book will help you learn the importance of organizations treating enterprise cyber risk management (ECRM) as a value creator, a business enabler, and a mechanism to create a competitive advantage. Organizations began to see the real value of information and information technology in the mid-1980s. Forty years later, it?s time to leverage your ECRM program and cybersecurity strategy in the same way. The main topics covered include the case for action with specific coverage on the topic of cybersecurity as a value creator,including how the courts, legislators, and regulators are raising the bar for C-suite executives and board members. The book covers how the board?s three primary responsibilities (talent management, strategy, and risk management) intersect with their ECRM responsibilities. ECRM was once solely focused on managing the downside of risk by defending the organization from adversarial, accidental, structural, and environmental threat sources. Author Bob Chaput presents the view that we must focus equally on managing the upside of cyber strengths to increase customer trust and brand loyalty, improving social responsibility, driving revenue growth, lowering the cost of capital, attracting higher quality investments, creating competitive advantage, attracting and retaining talent, and facilitating M&A work. He focuses on the C-suite and board role in the first part and provides guidance on their roles and responsibilities, the most important decision about ECRM they must facilitate,and how to think differently about ECRM funding. You will learn how to the pivot from cost-center thinking to value-center thinking. Having built the case for action, in the second part, the book details the steps that organizations must take to develop and document their ECRM program and cybersecurity strategy. The book first covers how ECRM must be integrated into business strategy. The remainder of that part presents a sample table of contents for an ECRM Program and Cybersecurity Strategy document and works through each section to facilitate development of your own program and strategy. With all the content and ideas presented, you will be able to establish, implement, and mature your program and strategy.
606   $aData protection
606   $aRisk management
606   $aData and Information Security
606   $aIT Risk Management
615  0$aData protection.
615  0$aRisk management.
615 14$aData and Information Security.
615 24$aIT Risk Management.
676   $a260
700   $aChaput$b Bob$01588974
702   $aGardner$b Phil
801  0$bMiAaPQ
801  1$bMiAaPQ
801  2$bMiAaPQ
906   $aBOOK
912   $a9910805573403321
996   $aEnterprise Cyber Risk Management as a Value Creator$93883230
997   $aUNINA